Google fixes Chrome security defect on zero on the piracy campaign targeting journalists

Google said it had fixed a vulnerability in its chrome browser for the Windows used by malicious infiltrators to storm computers for the victims.

in Brief note On Tuesday, Google said it has fixed weakness, It was followed as CVE-2025-2783This was discovered by Kaspersky security company earlier this month.

Google said she is familiar with reports that exploitation of error is “in the wilderness.” The wrong is indicated in the name Zero day Because the seller – in this case, Google – has not been given time to fix the error before its exploitation.

According to Kaspersky, the error was exploited as part of a piracy campaign targeting chrome Windows computers.

in Blog postKaspersky described the “Operation Forum Troll” campaign, and said that the victims were targeting an email to hunt the call to the Russian global political summit. When a link was clicked in the email, the victims were transferred to a harmful website that immediately exploits errors to access the victim’s computer data.

Kaspersky presented The little details About the defect at the time of the vineyard correction, but he said that the error allowed the attackers to overcome the protection of the Chrome sand box, which limits the browser access to other data on the user’s computer. Kaspersky said that the error affects all other browsers based on Google’s chrome engine.

in Separate analysisKaspersky said it is possible that the error is likely to use a spy campaign, usually designed to monitor and steal data from the target device, usually over a period of time. The Russian -based security company, which is read, said that the infiltrators sent email messages dedicated to representatives of Russian media and employees in educational institutions.

It is not clear who was using the error, but Kaspersky attributed the campaign to a group of the state’s infiltrators or supported by the government.

Browsing like Chrome is a frequent target for wicked infiltrators and government -backed groups. The errors can be sold on a zero day that is able to penetrate its protection and in the data of the victim’s sensitive device at high prices. In 2024, it was a one -day broker Submit up to 3 million dollars for exploitation This can be turned online.

Google said that the chrome updates will be launched in the coming days and weeks.